Lucene search
K

19 matches found

Openbugbounty
Openbugbounty
added 2020/01/30 11:14 a.m.16 views

beauti-full.ru Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1079862 Security Researcher KikyTokamuro Helped patch 18 vulnerabilities Received 1 Coordinated Disclosure badges , a holder of 1 badges for responsible and coordinated disclosure, found a security vulnerability affecting beauti-full.ru website and its users. Following...

0.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2020/01/12 8:45 p.m.5 views

demandboost.calltrack.co Cross Site Scripting vulnerability OBB-1066411

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

0.7AI score
Exploits0
myhack58
myhack58
added 2019/02/21 12:0 a.m.115 views

Type confusion vulnerability instance analysis-vulnerability warning-the black bar safety net

Type confusion vulnerability in General is the type of data A as data of Type B to resolve the reference, which may lead to illicit access to data and thus execute arbitrary code. This article by IE type confusion vulnerability examples and Word type confusion vulnerability examples for analysis,...

7.6CVSS6.8AI score0.80386EPSS
Exploits9
Saint
Saint
added 2017/08/01 12:0 a.m.524 views

Internet Explorer mshtml.dll Memory Corruption Vulnerability

Added: 08/01/2017 CVE: CVE-2017-0037 BID: 96088 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem Microsoft Internet Explorer has two vulnerabilities in the way objects are handled in memory. The first, CVE-2017-0059, is an...

7.6CVSS7.2AI score0.80386EPSS
Exploits12
Saint
Saint
added 2017/08/01 12:0 a.m.558 views

Internet Explorer mshtml.dll Memory Corruption Vulnerability

Added: 08/01/2017 CVE: CVE-2017-0037 BID: 96088 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem Microsoft Internet Explorer has two vulnerabilities in the way objects are handled in memory. The first, CVE-2017-0059, is an...

8.1CVSS7.2AI score0.80386EPSS
Exploits12
0day.today
0day.today
added 2017/07/24 12:0 a.m.167 views

Microsoft Internet Explorer - mshtml.dll Remote Code Execution (MS17-007) Exploit

Exploit for windows platform in category remote exploits Exploit Title: Microsoft Internet Explorer - 'mshtml.dll' Remote Code Execution MS17-007 Google Dork: NA Date: 24/7/2017 Exploit Author: Mohamed Hamdy - Nsecurity Vendor Homepage: https://www.microsoft.com Version: Microsoft Internet Explor...

7.6CVSS6.5AI score0.80386EPSS
Exploits9
Packet Storm
Packet Storm
added 2017/07/24 12:0 a.m.141 views

Microsoft Internet Explorer MS17-007 mshtml.dll Remote Code Execution

Exploit Title: Microsoft Internet Explorer - 'mshtml.dll' Remote Code Execution MS17-007 Google Dork: NA Date: 24/7/2017 Exploit Author: Mohamed Hamdy - Nsecurity Vendor Homepage: https://www.microsoft.com Version: Microsoft Internet Explorer 11 Tested on: Windows 7 SP1 x86 CVE : CVE-2017-0037...

7.6CVSS6.3AI score0.80386EPSS
Exploits9
Prion
Prion
added 2017/03/17 12:59 a.m.26 views

Memory corruption

Microsoft Internet Explorer 10 and 11 allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." This vulnerability is different from those described in CVE-2017-0037 and...

7.6CVSS6.6AI score0.80386EPSS
Exploits9References3Affected Software1
Prion
Prion
added 2017/03/17 12:59 a.m.22 views

Information disclosure

The VBScript engine in Microsoft Internet Explorer 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Scripting Engine Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0018, and...

4.3CVSS5.2AI score0.80386EPSS
Exploits9References3Affected Software1
OpenVAS
OpenVAS
added 2017/03/15 12:0 a.m.41 views

Microsoft Internet Explorer Multiple Vulnerabilities (4013073)

This host is missing a critical security update according to Microsoft Bulletin MS17-006. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

8.8CVSS5.7AI score0.80386EPSS
Exploits14References4
Kaspersky
Kaspersky
added 2017/03/14 12:0 a.m.229 views

KLA10968 Multiple vulnerabilities in Microsoft Edge

Multiple serious vulnerabilities have been found in Microsoft Edge. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information and bypass security restrictions. Below is a complete list of vulnerabilities: 1. An incorrect handling of...

8.1CVSS9.1AI score0.80386EPSS
Exploits18References38
Check Point Advisories
Check Point Advisories
added 2017/02/27 12:0 a.m.6 views

Microsoft Browser Memory Corruption (MS17-006: CVE-2017-0037)

A type confusion vulnerability exists in Microsoft Internet Explorer and Microsoft Edge. The vulnerability is due to an error in Microsoft Internet Explorer and Microsoft Edge while handling a specially crafted HTML file. A remote attacker can exploit this vulnerability by enticing a target user ...

7.6CVSS1.4AI score0.80386EPSS
Exploits9
Vulnrichment
Vulnrichment
added 2017/02/26 11:30 p.m.9 views

CVE-2017-0037

Microsoft Internet Explorer 10 and 11 and Microsoft Edge have a type confusion issue in the Layout::MultiColumnBoxBuilder::HandleColumnBreakOnColumnSpanningElement function in mshtml.dll, which allows remote attackers to execute arbitrary code via vectors involving a crafted Cascading Style Sheet...

7.9AI score0.80386EPSS
Exploits9References9
CVE
CVE
added 2017/02/26 11:30 p.m.1064 views

CVE-2017-0037

CVE-2017-0037 affects Microsoft Internet Explorer 10/11 and Microsoft Edge via a type confusion in mshtml.dll (Layout::MultiColumnBoxBuilder::HandleColumnBreakOnColumnSpanningElement), enabling remote code execution through crafted CSS/JS sequences. Connected sources note public exploitation acti...

8.1CVSS6.4AI score0.80386EPSS
In wildExploits9References10Affected Software1
ATTACKERKB
ATTACKERKB
added 2017/02/26 12:0 a.m.38 views

CVE-2017-0037

Microsoft Internet Explorer 10 and 11 and Microsoft Edge have a type confusion issue in the Layout::MultiColumnBoxBuilder::HandleColumnBreakOnColumnSpanningElement function in mshtml.dll, which allows remote attackers to execute arbitrary code via vectors involving a crafted Cascading Style Sheet...

8.1CVSS4.4AI score0.80386EPSS
In wildExploits9References13
seebug.org
seebug.org
added 2017/02/26 12:0 a.m.47 views

Microsoft Edge and IE: Type confusion in HandleColumnBreakOnColumnSpanningElement (CVE-2017-0037)

PoC: .class1 float: left; column-count: 5; .class2 column-span: all; columns: 1px; table border-spacing: 0px; function boom document.styleSheets0.media.mediaText = "aaaaaaaaaaaaaaaaaaaa"; th1.align = "right"; Note: The analysis below is based on an 64-bit IE running in single process mode running...

7.6CVSS6.3AI score0.80386EPSS
Exploits9
0day.today
0day.today
added 2017/02/24 12:0 a.m.74 views

Microsoft Edge / Internet Explorer HandleColumnBreakOnColumnSpanningElement Type Confusion Exploit

Microsoft Edge and Internet Explorer suffer from a type confusion in HandleColumnBreakOnColumnSpanningElement. Microsoft Edge and IE: Type confusion in HandleColumnBreakOnColumnSpanningElement CVE-2017-0037 PoC: .class1 float: left; column-count: 5; .class2 column-span: all; columns: 1px; table...

7.6CVSS6.1AI score0.80386EPSS
Exploits9
Circl
Circl
added 2017/02/24 12:0 a.m.15 views

CVE-2017-0037

creationtimestamp| type| source ---|---|--- 2017-02-24 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/41454 2017-10-17 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/43125 2023-06-14 21:10:03+00:00| seen| MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123 2023-12-04...

8.1CVSS6.8AI score0.80386EPSS
Exploits9References8
Packet Storm
Packet Storm
added 2017/02/24 12:0 a.m.125 views

Microsoft Edge / Internet Explorer HandleColumnBreakOnColumnSpanningElement Type Confusion

Microsoft Edge and IE: Type confusion in HandleColumnBreakOnColumnSpanningElement CVE-2017-0037 PoC: .class1 float: left; column-count: 5; .class2 column-span: all; columns: 1px; table border-spacing: 0px; function boom document.styleSheets0.media.mediaText = "aaaaaaaaaaaaaaaaaaaa"; th1.align =...

6.3AI score0.80386EPSS
Exploits9
Rows per page
Query Builder